squirrelmail -- random variable overwrite vulnerability

2006-08-11T00:00:00
ID 21B7C550-2A22-11DB-A6E2-000E0C2E438A
Type freebsd
Reporter FreeBSD
Modified 2006-08-11T00:00:00

Description

The SquirrelMail developers report:

A logged in user could overwrite random variables in compose.php, which might make it possible to read/write other users' preferences or attachments.